Exchange Server Microsoft Exchange Server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Exchange Server.

Recent Microsoft Exchange Server Security Advisories

Advisory Title Published
CVE-2024-49040 CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability November 12, 2024
CVE-2024-26198 Microsoft Exchange Server Remote Code Execution Vulnerability March 12, 2024
CVE-2024-21410 Microsoft Exchange Server Elevation of Privilege Vulnerability February 13, 2024
CVE-2023-36439 Microsoft Exchange Server Remote Code Execution Vulnerability November 14, 2023
CVE-2023-36039 Microsoft Exchange Server Spoofing Vulnerability November 14, 2023
CVE-2023-36050 Microsoft Exchange Server Spoofing Vulnerability November 14, 2023
CVE-2023-36035 Microsoft Exchange Server Spoofing Vulnerability November 14, 2023
CVE-2023-36778 Microsoft Exchange Server Remote Code Execution Vulnerability October 10, 2023
CVE-2023-36757 Microsoft Exchange Server Spoofing Vulnerability September 12, 2023
CVE-2023-36745 Microsoft Exchange Server Remote Code Execution Vulnerability September 12, 2023

By the Year

In 2025 there have been 0 vulnerabilities in Microsoft Exchange Server. Last year, in 2024 Exchange Server had 3 security vulnerabilities published. Right now, Exchange Server is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 3 8.70
2023 27 8.13
2022 18 7.81
2021 31 7.84
2020 14 7.74
2019 12 7.23
2018 16 6.58

It may take a day or so for new Exchange Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Exchange Server Security Vulnerabilities

Microsoft Exchange Server Spoofing Vulnerability

CVE-2024-49040 7.5 - High - November 12, 2024

Microsoft Exchange Server Spoofing Vulnerability

User Interface (UI) Misrepresentation of Critical Information

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2024-26198 8.8 - High - March 12, 2024

Microsoft Exchange Server Remote Code Execution Vulnerability

Exchange Server Privilege Escalation via Net-NTLMv2 hash

CVE-2024-21410 9.8 - Critical - February 13, 2024

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36035 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36039 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36439 8 - High - November 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36050 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36778 8 - High - October 10, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36744 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36745 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36756 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36757 8 - High - September 12, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2023-36777 5.7 - Medium - September 12, 2023

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Remote Code Execution Vulnerability

CVE-2023-35368 8.8 - High - August 08, 2023

Microsoft Exchange Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-38181 8.8 - High - August 08, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-38182 8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-38185 8.8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21709 9.8 - Critical - August 08, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

Improper Restriction of Excessive Authentication Attempts

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-35388 8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-28310 8 - High - June 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-32031 8.8 - High - June 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21706 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21707 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21710 7.2 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21529 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-21745 8 - High - January 10, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21764 7.8 - High - January 10, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21763 7.8 - High - January 10, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2023-21761 7.5 - High - January 10, 2023

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-21762 8 - High - January 10, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-41078 8 - High - November 09, 2022

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-41079 8 - High - November 09, 2022

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41080 8.8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41123 7.8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41040 8.8 - High - October 03, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

SSRF

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-41082 8 - High - October 03, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-34692 5.3 - Medium - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-21979 4.8 - Medium - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-21980 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-24477 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-24516 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-30134 6.5 - Medium - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-21978 8.2 - High - May 10, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-24463 6.5 - Medium - March 09, 2022

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-23277 8.8 - High - March 09, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21969 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21855 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21846 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2021-42305 6.5 - Medium - November 10, 2021

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-42321 8.8 - High - November 10, 2021

Microsoft Exchange Server Remote Code Execution Vulnerability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Exchange Server or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe